Cisco Talos expands threat hunting to firewall and identity
Tony Giandomenico of Cisco Talos outlined plans to extend threat hunting from endpoints to Secure Firewall and identity signals (Duo and Cisco Identity Intelligence), pairing AI analysis with human analysts.
On June 4, 2026, Tony Giandomenico, Senior Director of Product Management at Cisco Talos, described an expansion of the company’s threat-hunting service. The effort extends hunting beyond endpoint telemetry to include Secure Firewall and identity signals from Duo and Cisco Identity Intelligence.
Threat hunting examines telemetry and tests investigative hypotheses to find attackers who have bypassed standard detection. Talos has run hunts on Secure Endpoint data and will add searches of firewall telemetry and identity signals. The service will combine automated model-driven analysis with human review to help surface activity that automated systems may miss.
Giandomenico explained a core trade-off in automated detection: raising sensitivity produces more false alerts, while lowering it can let stealthy intrusions persist. He described Talos’ approach as a human-in-the-loop model that forms and tests hypotheses to find actors who slipped past controls. He said teams must balance alert volume against the risk of missed activity.
He also addressed rapid advances in large AI models and their effect on products and operations. “You don’t bring a knife to a gun fight, right? You’re going to use the same AI technology to speed things up there as well,” he said, adding that some features that might once have taken years to develop could appear much sooner as model capabilities increase.
Giandomenico drew on his experience running a small cybersecurity consultancy in Hawaii to describe the management approach for complex launches. He said he learned finance, sales and how to influence colleagues across functions. “I have to influence them. I have to get them to understand and believe in the vision,” he recalled, and he emphasized that endurance and a clear sense of purpose help teams stay focused under pressure.
The expansion was announced in the June 4 interview and will add firewall and identity domains to Talos’ existing endpoint hunting while retaining analyst oversight for investigations.








